Re: [PATCH] libsas: fix ata list corruption issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2011-03-10 at 20:28 -0500, Jeff Garzik wrote:
> On 03/10/2011 06:13 PM, James Bottomley wrote:
> > I think this stems from a misunderstanding of how the ata error handler
> > works.  ata_scsi_cmd_error_handler() gets called with a passed in list
> > of commands to handle.  However, that list may still not be empty when
> > it exits.  The command ata_scsi_port_error_handler() must be called
> > (which takes no list) before the list will be completely emptied.  This
> > bites the sas error handler because the two are called from different
> > functions and the original list has gone out of scope before
> > ata_scsi_port_error_handler() is called. leading to some commands
> > dangling on bare stack, which is a potential memory corruption issue.
> > Fix this by manually deleting all outstanding commands from the on-stack
> > list before it goes out of scope.
> 
> Good catch...

I cannot tell a lie: it was the list debugger code that told me
something was wrong ... I just looked at it to see what the problem was.

James


--
To unsubscribe from this list: send the line "unsubscribe linux-ide" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Filesystems]     [Linux SCSI]     [Linux RAID]     [Git]     [Kernel Newbies]     [Linux Newbie]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Samba]     [Device Mapper]

  Powered by Linux